RFC 4211, "Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)", September 2005Source of RFC: pkix (sec)
Errata ID: 2340
Status: Held for Document Update
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2005-11-08
Held for Document Update by: Sean Turner
Date Held: 2010-07-29
Section 4.2.1 says:
In the last paragraph on page 11 says: identifier contains a name that the CA/RA can associate with the requestor. This will generally be either the DN of a certificate or a text token passed and known to both the requestor and the CA/RA. ...
It should say:
identifier contains a name that the CA/RA can associate with the requestor. This will generally be either a portion of either a subject name or subject alternative name (either from an existing certificate or from the certificate request) or a text token passed and known to both the requestor and the CA/RA.
The location of the DN material will vary based on the question of whether
this is an archive operator or a POP operation.